Menu
▾
▴
ids-devel — IDS developers use this list
You can subscribe to this list here.
| 2001 |
Jan
(2) |
Feb
(48) |
Mar
(16) |
Apr
(14) |
May
(42) |
Jun
(36) |
Jul
(57) |
Aug
(13) |
Sep
(2) |
Oct
(23) |
Nov
(17) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(5) |
Feb
|
Mar
(10) |
Apr
(1) |
May
(6) |
Jun
|
Jul
(2) |
Aug
(1) |
Sep
(12) |
Oct
(26) |
Nov
(11) |
Dec
(37) |
| 2003 |
Jan
(11) |
Feb
(27) |
Mar
(5) |
Apr
(21) |
May
(11) |
Jun
(38) |
Jul
(8) |
Aug
(29) |
Sep
(2) |
Oct
|
Nov
(7) |
Dec
(5) |
| 2004 |
Jan
(5) |
Feb
(2) |
Mar
(19) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(3) |
Oct
|
Nov
(1) |
Dec
|
| 2005 |
Jan
|
Feb
(3) |
Mar
(3) |
Apr
(4) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
(2) |
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(8) |
|
From: John M. <mo...@mu...> - 2001-10-17 21:08:33
|
The current IDS codebase (< version 1.0) is pretty nasty. (I started IDS=20= a month after I finished the Llama Book if that tells you anything.) At=20= one point, we got version 0.6(?) to kind of work under mod_perl, but it=20= wasn't pretty. As has been said, you've really got to code with mod_perl=20= in mind. Version 1.0 is a complete re-write of IDS, and it's been designed from=20= the ground up for mod_perl. A warning, though=96 it's pretty normal for every Apache process to=20 consume 8-12MB of RAM when IDS is running under mod_perl. John On Wednesday, October 17, 2001, at 04:33 PM, Techwolf wrote: > At 04:00 PM 10/17/2001 -0400, Jeff wrote: >> The program has to essentially be written with modperl in=20 >> mind. Basically this means that >> global variables should not be used. Then a small script is written=20= >> to preload the modules and the >> scripts into the apache parent. If the program is well written, this=20= >> isn't too challenging. Modperl >> has incredible performance although it does come at a substantial=20 >> memory cost. > > Forgive me if I sound like a total idiot here. > > I thought IDS was already written to work with mod_perl. If so, how=20 > does one go about getting apache to run IDS under mod_perl. So simple = a=20 > question, but I keep getting info on how to rewrite IDS, or other=20 > programs, to work with mod_perl. I don't want to do that, I just want=20= > to run IDS using mod_perl. > > I have read where one did get mod_perl to work with IDS, although as=20= > you said, eats up a bit of memory, but when my system has 512M,=20 > shouldn't be too much of a problem. *grins* > > Isn't there a saying about linux docs in general? :-) > > Wish list: mod_perl for dummies. *grins* I found those series of books=20= > have more _usefull_ information then most tech books out there. > > > Techwolf > Tec...@at... > http://www.techwolf.net/index.html > PGP public keys on web site. > > > _______________________________________________ > IDS-devel mailing list > IDS...@li... > https://lists.sourceforge.net/lists/listinfo/ids-devel |
|
From: Ashley M. K. <as...@pc...> - 2001-10-17 21:07:39
|
Techwolf wrote:
> I thought IDS was already written to work with mod_perl.
Current versions, are not. The beta code for v1.0 is written for mod_perl.
And it's still being worked on.
--
W | I haven't lost my mind; it's backed up on tape somewhere.
+--------------------------------------------------------------------
Ashley M. Kirchner <mailto:as...@pc...> . 303.442.6410 x130
IT Director / SysAdmin / WebSmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6
http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
|
|
From: Techwolf <Tec...@at...> - 2001-10-17 20:52:58
|
At 04:00 PM 10/17/2001 -0400, Jeff wrote: > The program has to essentially be written with modperl in > mind. Basically this means that >global variables should not be used. Then a small script is written to >preload the modules and the >scripts into the apache parent. If the program is well written, this >isn't too challenging. Modperl >has incredible performance although it does come at a substantial memory cost. Forgive me if I sound like a total idiot here. I thought IDS was already written to work with mod_perl. If so, how does one go about getting apache to run IDS under mod_perl. So simple a question, but I keep getting info on how to rewrite IDS, or other programs, to work with mod_perl. I don't want to do that, I just want to run IDS using mod_perl. I have read where one did get mod_perl to work with IDS, although as you said, eats up a bit of memory, but when my system has 512M, shouldn't be too much of a problem. *grins* Isn't there a saying about linux docs in general? :-) Wish list: mod_perl for dummies. *grins* I found those series of books have more _usefull_ information then most tech books out there. Techwolf Tec...@at... http://www.techwolf.net/index.html PGP public keys on web site. |
|
From: Caleb E. <ca...@bk...> - 2001-10-17 20:43:36
|
On Wed, Oct 17, 2001 at 03:06:59PM -0500, Techwolf wrote:
> Already doing that. mod_perl is running. How does one tell if IDS is
> using it? If I find the right answer, this could be added to the
> docs as there is nothing in there about setting up IDS to use
> mod_perl in there now.
Unless you have specifically configured Apache to use mod_perl
on the IDS directory, its not in use. If you have a version
prior to the 1.0 beta it will NOT work under mod_perl.
Something like this (I have this inside a <VirtualHost> block):
<Files *.cgi>
SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
</Files>
PerlModule Apache::Registry
<Location /ids>
SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
<IfModule mod_dir.c>
DirectoryIndex index.cgi
</IfModule>
allow from all
PerlSendHeader On
</Location>
<Location /ids/albums>
SetHandler default-handler
</Location>
<Location /ids/data>
SetHandler default-handler
</Location>
<Location /ids/cache>
SetHandler default-handler
</Location>
<Location /ids/themes>
SetHandler default-handler
</Location>
--
cae at bklyn dot org | Caleb Epstein | bklyn . org | Brooklyn Dust Bunny Mfg.
|
|
From: Jeff <je...@ba...> - 2001-10-17 20:41:01
|
On Wed, Oct 17, 2001 at 03:06:59PM -0500, Techwolf wrote:
> Already doing that. mod_perl is running. How does one tell if IDS is using it?
If IDS's .pl scripts are not explicitly set to use Apache::Registry (via RegistryLoader or
PerlRun) in httpd.conf then IDS would not be using modperl.
I can typically just tell if a script is using modperl by how fast it executes. You can also
check in the script for the presence of the modperl environmental variable that is set in that
environment (I can't remember the exact name of it). You can also use the perl-status module to tell
if the script and/or modules are preloaded.
Jeff
|
|
From: Ashley M. K. <as...@pc...> - 2001-10-17 20:26:13
|
Techwolf wrote:
> Already doing that. mod_perl is running. How does one tell if IDS is using it?
>
> If I find the right answer, this could be added to the docs as there is
> nothing in there about setting up IDS to use mod_perl in there now.
Ah, you need the beta code for v1.0 - which as John pointed out a moment ago,
isn't online. He'll upload it over the next couple of days.
--
W | I haven't lost my mind; it's backed up on tape somewhere.
+--------------------------------------------------------------------
Ashley M. Kirchner <mailto:as...@pc...> . 303.442.6410 x130
IT Director / SysAdmin / WebSmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6
http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
|
|
From: Techwolf <Tec...@at...> - 2001-10-17 20:23:20
|
At 01:21 PM 10/17/2001 -0600, Ashley M. Kirchner wrote: > A-patchy needs to be compiled with mod_perl (or have mod_perl be added as >a DSO). Read about mod_perl at http://perl.apache.org/ and how it gets >integrated with a-patchy itself. Already doing that. mod_perl is running. How does one tell if IDS is using it? If I find the right answer, this could be added to the docs as there is nothing in there about setting up IDS to use mod_perl in there now. Techwolf Tec...@at... http://www.techwolf.net/index.html PGP public keys on web site. |
|
From: Jeff <je...@ba...> - 2001-10-17 20:00:33
|
On Wed, Oct 17, 2001 at 02:14:27PM -0500, Techwolf wrote:
> My question is how does one get IDS to run under mod_perl? Is it as simple
> as renaming a couple files to .pl instead of .cgi? Or is there more then
> that? Like some apache config.
The program has to essentially be written with modperl in mind. Basically this means that
global variables should not be used. Then a small script is written to preload the modules and the
scripts into the apache parent. If the program is well written, this isn't too challenging. Modperl
has incredible performance although it does come at a substantial memory cost.
Jeff
|
|
From: Ashley M. K. <as...@pc...> - 2001-10-17 19:21:18
|
Techwolf wrote:
> My question is how does one get IDS to run under mod_perl? Is it as simple
> as renaming a couple files to .pl instead of .cgi? Or is there more then
> that? Like some apache config.
A-patchy needs to be compiled with mod_perl (or have mod_perl be added as
a DSO). Read about mod_perl at http://perl.apache.org/ and how it gets
integrated with a-patchy itself.
--
W | I haven't lost my mind; it's backed up on tape somewhere.
+--------------------------------------------------------------------
Ashley M. Kirchner <mailto:as...@pc...> . 303.442.6410 x130
IT Director / SysAdmin / WebSmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6
http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
|
|
From: Techwolf <Tec...@at...> - 2001-10-17 19:16:28
|
At 02:25 PM 10/17/2001 -0400, Caleb Epstein wrote: > The "old" versions of IDS (0.8x and earlier) do not run > properly under mod_perl. There is a 1.0 beta which does work My question is how does one get IDS to run under mod_perl? Is it as simple as renaming a couple files to .pl instead of .cgi? Or is there more then that? Like some apache config. Techwolf Tec...@at... http://www.techwolf.net/index.html PGP public keys on web site. |
|
From: John M. <mo...@mu...> - 2001-10-17 18:59:00
|
I just switched servers, so I'll need to repost the 1.0 developmental code. I'll try to do that in the next couple of days. "Looks great, though" should be the IDS motto. :) John On Wednesday, October 17, 2001, at 02:25 PM, Caleb Epstein wrote: > On Wed, Oct 17, 2001 at 02:19:51PM -0400, Rick Byers wrote: > >> Hi, I'm running IDS on an old P-200 (with plenty of RAM), and it >> takes a few seconds to display any IDS page (even though no image >> manipulation is being done). I suspect most of the CPU time is >> being spent parsing and processing the perl script. Has anyone >> experimented with any techniques for improveing performance like >> mod-perl? I'm not sure how mod-perl interacts with perl scripts >> that pull in other .pm files... > > The "old" versions of IDS (0.8x and earlier) do not run > properly under mod_perl. There is a 1.0 beta which does work > under mod_perl and is noticeably faster, though requires a lot > more Perl modules to run. I am running this version of IDS on > a similar-spec machine, and its still pretty much torture to > use, speed-wise. Looks great, though :) > > I seem to have lost the URL for the beta code. Anyone? > > -- > cae at bklyn dot org | Caleb Epstein | bklyn . org | Brooklyn Dust > Bunny Mfg. > > _______________________________________________ > IDS-devel mailing list > IDS...@li... > https://lists.sourceforge.net/lists/listinfo/ids-devel |
|
From: Caleb E. <ca...@bk...> - 2001-10-17 18:25:19
|
On Wed, Oct 17, 2001 at 02:19:51PM -0400, Rick Byers wrote: > Hi, I'm running IDS on an old P-200 (with plenty of RAM), and it > takes a few seconds to display any IDS page (even though no image > manipulation is being done). I suspect most of the CPU time is > being spent parsing and processing the perl script. Has anyone > experimented with any techniques for improveing performance like > mod-perl? I'm not sure how mod-perl interacts with perl scripts > that pull in other .pm files... The "old" versions of IDS (0.8x and earlier) do not run properly under mod_perl. There is a 1.0 beta which does work under mod_perl and is noticeably faster, though requires a lot more Perl modules to run. I am running this version of IDS on a similar-spec machine, and its still pretty much torture to use, speed-wise. Looks great, though :) I seem to have lost the URL for the beta code. Anyone? -- cae at bklyn dot org | Caleb Epstein | bklyn . org | Brooklyn Dust Bunny Mfg. |
|
From: Rick B. <rb...@Bi...> - 2001-10-17 18:19:57
|
Hi, I'm running IDS on an old P-200 (with plenty of RAM), and it takes a few seconds to display any IDS page (even though no image manipulation is being done). I suspect most of the CPU time is being spent parsing and processing the perl script. Has anyone experimented with any techniques for improveing performance like mod-perl? I'm not sure how mod-perl interacts with perl scripts that pull in other .pm files... Thanks, Rick |
|
From: Thomas K. <tk...@us...> - 2001-10-17 01:53:15
|
I figured out the Windows 2000 file upload issue. Since most non-Unix
operating systems (including Windows 2000) have a hard time differentiating
between text and binary files, we need to binmode the file handle before we
write to it.
So, in the admin/index.cgi, go to the uploadFile2 subroutiune (about line
1046)
the actual upload code is
replace_file($uploadDest, sub {
local *FH=shift;
my $buffer;
while (my $bytesread=read($uploadFileName,$buffer,1024)) {
print FH $buffer;
}
}) or bail("couldn't upload file \"$uploadDest\":", $!);
add a line after " local *FH=shift;"
to say "binmode (FH);"
so, the upload code looks like this:
replace_file($uploadDest, sub {
local *FH=shift;
binmode (FH);
my $buffer;
while (my $bytesread=read($uploadFileName,$buffer,1024)) {
print FH $buffer;
}
}) or bail("couldn't upload file \"$uploadDest\":", $!);
And it should work!
From what I've read, the binmode function works fine on Unix, but does
nothing. Can anyone confirm this? If Unix simply ignores it, we can just add
it to the source, and not worry about it anymore.
Thanks!
Tom Keegan
----- Original Message -----
From: "John Moose" <mo...@mu...>
To: "Thomas Keegan" <tk...@us...>
Sent: Thursday, August 30, 2001 9:31 AM
Subject: Fwd: Please help
> Any ideas?
>
> John
>
> Begin forwarded message:
>
> > From: Mohammad Alaoni <al...@ya...>
> > Date: Thu Aug 30, 2001 09:19:13 AM US/Eastern
> > To: mo...@mu...
> > Subject: Please help
> >
> > Dear John,
> >
> > First of all i would like to thank you for your great
> > software and the time you spent devloping it. Second i
> > was able to run IDS on Windows 2000 and everything
> > went smooth till i logged in as admin & tried to
> > upload an Image to a folder that i created. this is
> > the error message that shows up in the browser after
> > the upload.
> >
> > Warning 315: Bogus DQT index 15
> > (../albums/family/sami.jpg) [No such file or
> > directory] at ../idsShared.pm line 611.
> >
> > P.S photo's can be processed by IDS and generated if i
> > droped them directly into the folder but not uploading
> > them by the admin interface.
> >
> > Thanx again for helping.
> >
> >
> > Al-Mutairi
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Get email alerts & NEW webcam video instant messaging with Yahoo!
> > Messenger
> > http://im.yahoo.com
>
|
|
From: Patrik 'K. Grip-J. <pa...@gn...> - 2001-10-04 00:23:40
|
I didn't see any way to post patches on the IDS Sourceforge site, so I=20 decided to post the "patch" here. The following is a Swedish translation=20 for IDS. # Swedish 2001-oct-04 Patrik Grip-Jansson <pa...@gn...> # # format- # valuename:"value" # Site-wide site-language:"sv-SE" site-encoding:"iso-8859-1" site-footer:"Den h=E4r sidan skapades %time, %date av %version." site-searchButton:"S=F6k" # Home page home-albumLabel:"album" home-newsLabel:"nyheter" home-commentLink:"Se de senaste kommentarerna..." # Album page album-sortName:"Sortera efter namn" album-sortDate:"Sortera efter datum " album-sortSize:"Sortera efter storlek" album-sortIntelligent:"Intelligent namnsortering" album-sortButton:"Sortera" album-itemCount:"bild %firstItem-%lastItem av %totalItems" album-noItems:"Inga bilder funna" album-oneItem:"en bild" album-pageNumber:"Sida %pageNumber" album-hasComments:"har kommentarer" album-mainPageLink:"Huvudsida" album-previousAlbumLink:"F=F6reg=E5ende album" # Image page image-backToAlbum:"Tillbaka till album" image-previousImage:"F=F6reg=E5ende bild" image-nextImage:"N=E4sta bild" image-imageSizeTiny:"pytteliten" image-imageSizeSmall:"liten" image-imageSizeMedium:"mellan" image-imageSizeLarge:"stor" image-imageSizeXLarge:"extra stor" image-imageSizeOriginal:"original" image-imageSizeButton:"=C4ndra storlek" image-infoType:"Bildtyp" image-infoFileSize:"Filstorlek" image-infoImageSize:"Bildstorlek" image-infoUploaded:"Upladdad" image-infoUploaded1:"%days dagar sen" image-infoUploaded2:"idag" image-infoCameraMake:"M=E4rke" image-infoCameraModel:"Modell" image-infoFlash:"Blixt" image-infoDate:"Tagen" image-infoISO:"ISO" image-infoFocalLength:"Fokusl=E4ngd" image-infoShutter:"Slutare" image-infoAperture:"Bl=E4ndare" image-infoEmbedded:"Inb=E4ddadkommentar" image-infoUnknown:"Ok=E4nd" image-comments:"Kommentar" image-noComments:"Den h=E4r bilden har inga kommentarer" image-commentButton:"Posta kommentar" image-orderPhotoButton:"Best=E4ll det h=E4r fotot" image-shutterfly:"Det h=E4r galleriet har support f=F6r Shutterfly. Klick= a p=E5 \"Best=E4ll den h=E4r bilden\"-knappen f=F6r att snabbt och enkelt= best=E4lla h=F6gkvalitativta fotoutskrifter med dina favorit bilder fr=E5= n Shutterfly.com." # Comment Viewer commentviewer-label:"Senaste kommentarerna" commentviewer-counter:"%comments av %totalComments kommentarer visade" commentviewer-from:"Fr=E5n" commentviewer-time:"Tid" commentviewer-comment:"Kommentar" commentviewer-mainPageLink:"Huvudsida" commentviewer-noComments:"Tyv=E4rr, hittade inga kommentarer." # Comment Poster commentposter-label:"posta kommentar" commentposter-post:"Skriv in en kommentar ang=E5ende denna bild. HTML-tag= gar kommer att tas bort." commentposter-name:"Ditt namn (beh=F6vs ej)" commentposter-IPaddress:"Din IP-adress" commentposter-comment:"Din kommentar" commentposter-previewCommentButton:"F=F6rhandsgranska kommentar" commentposter-verify:"Godk=E4nn din kommentar" commentposter-anon:"anonym" commentposter-editCommentButton:"Redigera kommentar" commentposter-postCommentButton:"Posta kommentar" commentposter-success:"Kommentar postad. Tackar!" commentposter-linkToImage:"=C5terv=E4nd till bilden '%imageName'" commentposter-errorDisabled:"Tyv=E4rr, site-administrat=F6ren har slagit = av kommentarer f=F6r g=E4ster." commentposter-errorBanned:"Tyv=E4rr, du har blivid sp=E4rrad fr=E5n att p= osta kommentarer." commentposter-errorBanned1:"Din kommentar postades ej. Site-administrat=F6= ren har f=F6rbjudit n=E5gra av de ord som du anv=E4nde i din kommentar." # Search Results search-label:"s=F6kresultat" search-text:"s=F6ktext" search-counter:"%foundItems bilder funna" search-counter1:"en bild funnen" search-location:"Location" search-comments:"Kommentarer" search-lastMod:"Senast =E4ndrad" search-noHits:"Tyv=E4rr, inga tr=E4ffar. F=F6rs=F6k igen." search-mainPageLink:"Huvudsida" # Error error-label:"IDS fel" error-text1:"Ett fel har intr=E4ffat!" error-text2:"Om felet kvarst=E5r, v=E4nligen kontakta site-administrat=F6= ren." --=20 .---------------------. | Patrik Grip-Jansson | | Ringen 4B | .--------------------. | 78444 Borl=E4nge .--'----' http://gnulix.org/ `---------. | Sweden | All views and opinions are my own, | `------------------| PH:+46(0)24382823 PW:+46(0)707354360 | `--------------------------------------' |
|
From: Jeff D. <je...@ba...> - 2001-09-11 04:09:11
|
Same situation here. ----- Original Message ----- From: "Rick Byers" <rb...@Bi...> To: "John Moose" <mo...@mu...> Cc: <ids...@li...> Sent: Monday, September 10, 2001 9:38 PM Subject: Re: [Ids-devel] anoncvs access? > Well, if IDS was accessable via CVS, I'd use it to easily keep up to date > while maintaining my local hacks. For now, I've just put off upgrading > because its a bit of a hassle to maintain the few little things I've > changed for my setup... |
|
From: Rick B. <rb...@Bi...> - 2001-09-11 01:38:45
|
Well, if IDS was accessable via CVS, I'd use it to easily keep up to date while maintaining my local hacks. For now, I've just put off upgrading because its a bit of a hassle to maintain the few little things I've changed for my setup... But if its extra work for you to copy your stuff over to the SF CVS repository, and no-one else would really benefit - then don't bother... It's not that big of a deal :) Thanks, Rick On Tue, 14 Aug 2001, John Moose wrote: > Yes, SF offers CVS to every project, but I haven't used it yet. Would it > make your life easier? > > John > > > On Monday, August 13, 2001, at 04:17 PM, Rick Byers wrote: > > > Hi, > > Is anoncvs access available for IDS? I checked the sourceforge project > > webpage, but didn't see anything about CVS. Most other sourceforge > > projects I've seen have anoncvs so I thought it might be a standard > > sourceforge thing. > > > > Thanks, > > Rick > > > > > > _______________________________________________ > > IDS-devel mailing list > > IDS...@li... > > http://lists.sourceforge.net/lists/listinfo/ids-devel > > _______________________________________________ > IDS-devel mailing list > IDS...@li... > http://lists.sourceforge.net/lists/listinfo/ids-devel > |
|
From: Ashley M. K. <as...@pc...> - 2001-08-27 19:18:06
|
"Anthony A. D. Talltree" wrote:
> Unless one uses suexec, everything has to be world-writable anyway, no?
Um, no. I don't use suexec, and I certainly don't have anything world
writable, or even group writable for that matter. However, I DO run my own
server, and my entire (1.4Gb worth) IDS setup is owned by the Apache
server.
However, even if you're not running it in that scenario, all you need
to provide is group write permission to Apache, nothing else.
--
W | I haven't lost my mind; it's backed up on tape somewhere.
+--------------------------------------------------------------------
Ashley M. Kirchner <mailto:as...@pc...> . 303.442.6410 x130
IT Director / SysAdmin / WebSmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6
http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
|
|
From: Anthony A. D. T. <aa...@ve...> - 2001-08-27 19:06:47
|
Unless one uses suexec, everything has to be world-writable anyway, no? |
|
From: W. S. G. <sga...@nc...> - 2001-08-27 02:06:54
|
Jerry, Actually, I believe that it was your page that I saw that I could administer remotely. Anyway, I am fairly new to Apache (but not to Linux) and wanted to get IDS up and running, but I found that this security item was overlooked in the installation instructions (at least for a newbie like myself). I did notice that many others of the example pages were well secured. As I learn more about Apache, I plan to get things more secure and cleanly integrated. Thanks, Scott G. ----- Original Message ----- From: "Jerry Horn" <bq...@so...> To: "Scott Gaskins" <sga...@nc...>; <ids...@li...> Sent: Sunday, August 26, 2001 12:58 PM Subject: Re: [Ids-devel] IDS default install leaves admin accessible to everyone > I always check the security of any photo album I visit, and I've never seen > an insecure IDS installation (except for a site I run). my server is > running RedHat as well, and I was too lazy to fix the settings, so I didn't > even upload the .htaccess file. I'll prolly fix it tonight. the site I > manage is the "Delaware Wing, Civil Air Patrol" site. > > I love IDS, too... just wish it had support for guest or user uploads.. I > guess I'll write some coding for it myself.. :) > > Jerry Horn > > ----- Original Message ----- > From: "Scott Gaskins" <sga...@nc...> > To: <mo...@mu...> > Cc: <ids...@li...> > Sent: Sunday, August 26, 2001 2:52 PM > Subject: [Ids-devel] IDS default install leaves admin accessible to everyone > > > John, > > I just installed IDS and was in the process of trying to setup some > administative features when I noticed that, following all of your > instructions, I was able to access the admin page without having to put > in a password that I had created with htpasswd command. > I thought that this may be just a problem with my setup or installation, > so I went out to the example pages that you link from the > ids.sourceforge.net page and tried to access the admin pages for some of > those sites... and voila -- I could administer their pages at will! > |
|
From: Jerry H. <bq...@so...> - 2001-08-26 19:58:35
|
I always check the security of any photo album I visit, and I've never seen an insecure IDS installation (except for a site I run). my server is running RedHat as well, and I was too lazy to fix the settings, so I didn't even upload the .htaccess file. I'll prolly fix it tonight. the site I manage is the "Delaware Wing, Civil Air Patrol" site. I love IDS, too... just wish it had support for guest or user uploads.. I guess I'll write some coding for it myself.. :) Jerry Horn ----- Original Message ----- From: "Scott Gaskins" <sga...@nc...> To: <mo...@mu...> Cc: <ids...@li...> Sent: Sunday, August 26, 2001 2:52 PM Subject: [Ids-devel] IDS default install leaves admin accessible to everyone John, I just installed IDS and was in the process of trying to setup some administative features when I noticed that, following all of your instructions, I was able to access the admin page without having to put in a password that I had created with htpasswd command. I thought that this may be just a problem with my setup or installation, so I went out to the example pages that you link from the ids.sourceforge.net page and tried to access the admin pages for some of those sites... and voila -- I could administer their pages at will! |
|
From: Scott G. <sga...@nc...> - 2001-08-26 18:58:11
|
John, I just installed IDS and was in the process of trying to setup some administative features when I noticed that, following all of your instructions, I was able to access the admin page without having to put in a password that I had created with htpasswd command. I thought that this may be just a problem with my setup or installation, so I went out to the example pages that you link from the ids.sourceforge.net page and tried to access the admin pages for some of those sites... and voila -- I could administer their pages at will! I found the problem with my installation was that the RH7.0/7.1 Linux Apache (apache-1.3.19-5.rpm) installation comes with the httpd.conf file with the following settings: # # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. # #<Directory "/var/www/cgi-bin"> <Directory "/home/httpd/cgi-bin"> AllowOverride None Options ExecCGI Order allow,deny Allow from all </Directory> I had to change the AllowOverride to say "AuthConfig" in order for the .htaccess file in the admin sub-directory to have any affect. # # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. # #<Directory "/var/www/cgi-bin"> <Directory "/home/httpd/cgi-bin"> AllowOverride AuthConfig Options ExecCGI Order allow,deny Allow from all </Directory> You should add this step to your setup/installation instructions, or else others are leaving their pages open for hacking. Otherwise, thanks for such a great program! Scott Gaskins sga...@nc... |
|
From: Brian W. <bwe...@xb...> - 2001-08-16 06:24:41
|
This is the full version of the no-javascipt patch I started last
week. This changes all 4 menus to use 'this.form.submit()' to submit
forms, and adds 'Select' buttons that can be used when javascript is
disabled.
If something doesn't look right, let me know and I'll fix it.
Brian
------------
--- index.cgi.old Thu Aug 9 23:29:07 2001
+++ index.cgi Wed Aug 15 23:19:50 2001
@@ -81,18 +81,22 @@
readLocalization("localizations/".$localization.".txt");
$languageMenu = '<form method="post" action="'.$idscgi.'">
- <select name="localization" size="1" onchange="location.href=this.form.localization.options[this.form.localization.selectedIndex].value">';
+ <select name="localization" size="1" onchange="this.form.submit()">';
foreach my $availableLang (@availableLocalizations) {
- $languageMenu .= '<option value="'.$idscgi.'?localization='.$availableLang.'"'.($availableLang eq $localization ? ' selected="selected"' : '').'>'.($languageMappings{$availableLang} ne '' ? $languageMappings{$availableLang} : $availableLang)."</option>\n";
+ $languageMenu .= '<option value="'.$availableLang.'"'.($availableLang eq $localization ? ' selected="selected"' : '').'>'.($languageMappings{$availableLang} ne '' ? $languageMappings{$availableLang} : $availableLang)."</option>\n";
}
-$languageMenu .= '</select></form>';
+$languageMenu .= '</select>';
+$languageMenu .= '<noscript><input type="submit" value="Select"></noscript>';
+$languageMenu .= '</form>';
$themeMenu = '<form method="post" action="'.$idscgi.'">
- <select name="theme" size="1" onchange="location.href=this.form.theme.options[this.form.theme.selectedIndex].value">';
+ <select name="theme" size="1" onchange="this.form.submit()">';
foreach my $availableTheme (@availableThemes) {
- $themeMenu .= '<option value="'.$idscgi.'?theme='.$availableTheme.'"'.($availableTheme eq $theme ? ' selected="selected"' : '').'>'.$availableTheme."</option>\n";
+ $themeMenu .= '<option value="'.$availableTheme.'"'.($availableTheme eq $theme ? ' selected="selected"' : '').'>'.$availableTheme."</option>\n";
}
-$themeMenu .= '</select></form>';
+$themeMenu .= '</select>';
+$themeMenu .= '<noscript><input type="submit" value="Select"></noscript>';
+$themeMenu .= '</form>';
&getExcludes();
@@ -553,13 +557,15 @@
<form action=\"$idscgi\" method=\"get\">
<input type=\"hidden\" value=\"album\" name=\"mode\" />
<input type=\"hidden\" value=\"$albumtodisplay\" name=\"album\" />
- <input type=\"hidden\" value=\"$maxDimension\" name=\"maxDimension\" />
- <select name=\"sort\" size=\"1\" onchange=\"location.href=this.form.sort.options[this.form.sort.selectedIndex].value\">
- <option value=\"".$idscgi.'?mode=album&album='.&encodeSpecialChars($albumtodisplay).'&sort=name'."\"".($sort eq 'name' ? ' selected="selected"' : '').">".$localization{'album-sortName'}."</option>
- <option value=\"".$idscgi.'?mode=album&album='.&encodeSpecialChars($albumtodisplay).'&sort=date'."\"".($sort eq 'date' ? ' selected="selected"' : '').">".$localization{'album-sortDate'}."</option>
- <option value=\"".$idscgi.'?mode=album&album='.&encodeSpecialChars($albumtodisplay).'&sort=size'."\"".($sort eq 'size' ? ' selected="selected"' : '').">".$localization{'album-sortSize'}."</option>
- <option value=\"".$idscgi.'?mode=album&album='.&encodeSpecialChars($albumtodisplay).'&sort=intelligent'."\"".($sort eq 'intelligent' ? ' selected="selected"' : '').">".$localization{'album-sortIntelligent'}."</option>
+ <select name=\"sort\" size=\"1\" onchange=\"this.form.submit()\">
+ <option value=\"".'name'."\"".($sort eq 'name' ? ' selected="selected"' : '').">".$localization{'album-sortName'}."</option>
+ <option value=\"".'date'."\"".($sort eq 'date' ? ' selected="selected"' : '').">".$localization{'album-sortDate'}."</option>
+ <option value=\"".'size'."\"".($sort eq 'size' ? ' selected="selected"' : '').">".$localization{'album-sortSize'}."</option>
+ <option value=\"".'intelligent'."\"".($sort eq 'intelligent' ? ' selected="selected"' : '').">".$localization{'album-sortIntelligent'}."</option>
</select>
+ <noscript>
+ <input type=\"submit\" value=\"Select\">
+ </noscript>
</form>";
$footer = $localization{'site-footer'};
@@ -833,26 +839,26 @@
$imagetitle =~ s/\#\d+_//g;
$imagetitle =~ s/_/ /g;
- my ($ealbumtodisplay) = &encodeSpecialChars($albumtodisplay);
- my ($eimagetodisplay) = &encodeSpecialChars($imagetodisplay);
-
$imageResizer = "
<form action=\"$idscgi\" method=\"get\">
<input type=\"hidden\" value=\"image\" name=\"mode\" />
- <input type=\"hidden\" value=\"$ealbumtodisplay\" name=\"album\" />
- <input type=\"hidden\" value=\"$eimagetodisplay\" name=\"image\" />
- <select name=\"maxDimension\" size=\"1\" onchange=\"location.href=this.form.maxDimension.options[this.form.maxDimension.selectedIndex].value\">
- ".(512 < $origMaxSize ? "<option value=\"".$idscgi."?mode=image&album=".$ealbumtodisplay."&image=".$eimagetodisplay."&maxDimension=512\"".($maxDimension eq '512' ? ' selected="selected"' : '').">".$localization{'image-imageSizeTiny'}." (512)</option>" : '')."
- ".(640 < $origMaxSize ? "<option value=\"".$idscgi."?mode=image&album=".$ealbumtodisplay."&image=".$eimagetodisplay."&maxDimension=640\"".($maxDimension eq '640' ? ' selected="selected"' : '').">".$localization{'image-imageSizeSmall'}." (640)</option>" : '')."
- ".(800 < $origMaxSize ? "<option value=\"".$idscgi."?mode=image&album=".$ealbumtodisplay."&image=".$eimagetodisplay."&maxDimension=800\"".($maxDimension eq '800' ? ' selected="selected"' : '').">".$localization{'image-imageSizeMedium'}." (800)</option>" : '')."
- ".(1024 < $origMaxSize ? "<option value=\"".$idscgi."?mode=image&album=".$ealbumtodisplay."&image=".$eimagetodisplay."&maxDimension=1024\"".($maxDimension eq '1024' ? ' selected="selected"' : '').">".$localization{'image-imageSizeLarge'}." (1024)</option>" : '')."
- ".(1600 < $origMaxSize ? "<option value=\"".$idscgi."?mode=image&album=".$ealbumtodisplay."&image=".$eimagetodisplay."&maxDimension=1600\"".($maxDimension eq '1600' ? ' selected="selected"' : '').">".$localization{'image-imageSizeXLarge'}." (1600)</option>" : '')."
- <option value=\"".$idscgi."?mode=image&album=".$ealbumtodisplay."&image=".$eimagetodisplay."&maxDimension=9999\"";
+ <input type=\"hidden\" value=\"$albumtodisplay\" name=\"album\" />
+ <input type=\"hidden\" value=\"$imagetodisplay\" name=\"image\" />
+ <select name=\"maxDimension\" size=\"1\" onchange=\"this.form.submit()\">
+ ".(512 < $origMaxSize ? "<option value=\"512\"".($maxDimension eq '512' ? ' selected="selected"' : '').">".$localization{'image-imageSizeTiny'}." (512)</option>" : '')."
+ ".(640 < $origMaxSize ? "<option value=\"640\"".($maxDimension eq '640' ? ' selected="selected"' : '').">".$localization{'image-imageSizeSmall'}." (640)</option>" : '')."
+ ".(800 < $origMaxSize ? "<option value=\"800\"".($maxDimension eq '800' ? ' selected="selected"' : '').">".$localization{'image-imageSizeMedium'}." (800)</option>" : '')."
+ ".(1024 < $origMaxSize ? "<option value=\"1024\"".($maxDimension eq '1024' ? ' selected="selected"' : '').">".$localization{'image-imageSizeLarge'}." (1024)</option>" : '')."
+ ".(1600 < $origMaxSize ? "<option value=\"1600\"".($maxDimension eq '1600' ? ' selected="selected"' : '').">".$localization{'image-imageSizeXLarge'}." (1600)</option>" : '')."
+ <option value=\"9999\"";
if ($maxDimension >= $origMaxSize) {
$imageResizer = $imageResizer . ' selected="selected"';
}
$imageResizer = $imageResizer . ">".$localization{'image-imageSizeOriginal'}."</option>
</select>
+ <noscript>
+ <input type=\"submit\" value=\"Select\">
+ </noscript>
</form>";
my ($bigImageURL) = $query->url;
|
|
From: Brian W. <bwe...@xb...> - 2001-08-14 16:48:27
|
On Tue, 14 Aug 2001, John Moose wrote: > Looks great. > > This is what I wanted to do from the beginning, but my javascript skills > weren't up to the task. OK. I'll convert the other menus also, and send a complete patch sometime this week. Brian |
|
From: John M. <mo...@mu...> - 2001-08-14 11:35:17
|
Yes, SF offers CVS to every project, but I haven't used it yet. Would it make your life easier? John On Monday, August 13, 2001, at 04:17 PM, Rick Byers wrote: > Hi, > Is anoncvs access available for IDS? I checked the sourceforge project > webpage, but didn't see anything about CVS. Most other sourceforge > projects I've seen have anoncvs so I thought it might be a standard > sourceforge thing. > > Thanks, > Rick > > > _______________________________________________ > IDS-devel mailing list > IDS...@li... > http://lists.sourceforge.net/lists/listinfo/ids-devel |
7 messages has been excluded from this view by a project administrator.
